modules: mbedtls: move debug log hook implementation to modules/mbedtls/

So far there was a debug log hook installed in TLS socket implementation. However, mbedTLS (with debug enabled) might be used outside from TLS socket and even outside from networking context. Add new module, which implements debug log hook and makes it available whenever CONFIG_MBEDTLS_DEBUG is enabled. Note that debug hook needs to be installed for each mbedTLS context separately, which means that this requires action from mbedTLS users, such as TLS sockets implementation. Signed-off-by: Marcin Niestroj <m.niestroj@emb.dev>
2022-06-14 19:17:28 +02:00 · 2022-06-14 19:17:28 +02:00 · a418ad4bb4
commit a418ad4bb4
parent 6b386336ba
5 changed files with 59 additions and 32 deletions
--- a/modules/mbedtls/CMakeLists.txt
+++ b/modules/mbedtls/CMakeLists.txt
@ -14,6 +14,7 @@ if(CONFIG_MBEDTLS_BUILTIN)
    # and if so remove this include path.
    ${ZEPHYR_CURRENT_MODULE_DIR}/library
    configs
+    include
  )

  zephyr_library()
@ -28,6 +29,7 @@ if(CONFIG_MBEDTLS_BUILTIN)
    ${mbedtls_sources}
  )

+  zephyr_library_sources_ifdef(CONFIG_MBEDTLS_DEBUG debug.c)
  zephyr_library_sources_ifdef(CONFIG_MBEDTLS_SHELL shell.c)

  # mbedTLS v3.1.0 is having unused variables and functions in /library/ssl_msg.c
--- a/modules/mbedtls/Kconfig
+++ b/modules/mbedtls/Kconfig
@ -76,19 +76,23 @@ config MBEDTLS_SSL_MAX_CONTENT_LEN
 	  twice this value will be allocated (on mbedTLS own heap, so the
 	  value of MBEDTLS_HEAP_SIZE should accommodate that).

+module = MBEDTLS
+module-str = Log level mbedTLS library debug hook
+source "subsys/logging/Kconfig.template.log_config"
+
 config MBEDTLS_DEBUG
 	bool "mbed TLS debug activation"
 	depends on MBEDTLS_BUILTIN
 	help
 	  Enable debugging activation for mbed TLS configuration. If you use
-	  mbedTLS/Zephyr integration (e.g. net_app), this will activate debug
-	  logging (of the level configured by MBEDTLS_DEBUG_LEVEL).
+	  mbedTLS/Zephyr integration (e.g. native TLS sockets), this will
+	  activate debug logging.
+
 	  If you use mbedTLS directly instead, you will need to perform
 	  additional configuration yourself: call
-	  mbedtls_ssl_conf_dbg(&mbedtls.conf, my_debug, NULL);
-	  mbedtls_debug_set_threshold(level);
-	  functions in your application, and create the my_debug() function to
-	  actually print something useful.
+	  mbedtls_ssl_conf_dbg(&mbedtls.conf, zephyr_mbedtls_debug, NULL);
+	  function in your application. Alternatively implement your own debug
+	  hook function if zephyr_mbedtls_debug() doesn't suit your needs.

 config MBEDTLS_DEBUG_LEVEL
 	int "mbed TLS default debug level"
--- a/modules/mbedtls/debug.c
+++ b/modules/mbedtls/debug.c
@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2018 Nordic Semiconductor ASA
+ * Copyright (c) 2022 Marcin Niestroj
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <zephyr/logging/log.h>
+LOG_MODULE_REGISTER(mbedtls, CONFIG_MBEDTLS_LOG_LEVEL);
+
+#include "zephyr_mbedtls_priv.h"
+
+void zephyr_mbedtls_debug(void *ctx, int level, const char *file, int line, const char *str)
+{
+	const char *p, *basename;
+
+	ARG_UNUSED(ctx);
+
+	if (!file || !str) {
+		return;
+	}
+
+	/* Extract basename from file */
+	for (p = basename = file; *p != '\0'; p++) {
+		if (*p == '/' || *p == '\\') {
+			basename = p + 1;
+		}
+	}
+
+	LOG_DBG("%s:%04d: |%d| %s", basename, line, level, str);
+}
--- a/modules/mbedtls/include/zephyr_mbedtls_priv.h
+++ b/modules/mbedtls/include/zephyr_mbedtls_priv.h
@ -0,0 +1,12 @@
+/*
+ * Copyright (C) 2022 Marcin Niestroj
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#ifndef ZEPHYR_MODULES_MBEDTLS_PRIV_H_
+#define ZEPHYR_MODULES_MBEDTLS_PRIV_H_
+
+void zephyr_mbedtls_debug(void *ctx, int level, const char *file, int line, const char *str);
+
+#endif /* ZEPHYR_MODULES_MBEDTLS_PRIV_H_ */